package com.baylor.server.base.security;

import java.util.ArrayList;
import java.util.List;

import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import com.baylor.server.base.constant.XaConstant;
import com.baylor.server.base.entity.XaCmsUser;
import com.baylor.server.base.repository.XaCmsResourceRepository;
import com.baylor.server.base.repository.XaCmsUserRepository;

@Service("MsUserDetailsService")
@Transactional(readOnly = true)
public class XaUserDetailsService implements UserDetailsService {
    protected static final String ROLE_PREFIX = "ROLE_";
    protected static final GrantedAuthority DEFAULT_USER_ROLE = new SimpleGrantedAuthority(ROLE_PREFIX + "USER");

	@Autowired
	XaCmsUserRepository msCmsUserRepository;

	@Autowired
	XaCmsResourceRepository msCmsResourceRepository;

	public UserDetails loadUserByUsername(String usernameAndRequestType)
			throws UsernameNotFoundException {
		XaUserDetails msUserDetails = new XaUserDetails();
		int requestType = XaConstant.Login.REQUEST_TYPE_MOBILE;
		String username = usernameAndRequestType;
		if(usernameAndRequestType != null && StringUtils.indexOf(usernameAndRequestType, ":")>0){
			username = usernameAndRequestType.split(":")[0];
			try{
				requestType = Integer.parseInt(usernameAndRequestType.split(":")[1]);
			}
			catch(Exception e){
				System.out.println("登录页面参数设置错误,默认走终端鉴权,不做处理");
			}
		}
		try {
			XaCmsUser user;
			if(requestType == XaConstant.Login.REQUEST_TYPE_MOBILE){	//终端鉴权
				user = msCmsUserRepository.findByUserName(username,XaConstant.UserStatus.status_normal);

				List<String> rList = msCmsResourceRepository
						.findRoleNameByUserName(username);
				msUserDetails.setUsername(user.getUserName());
				msUserDetails.setPassword(user.getPassword());
				List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
				for (String roleName : rList) {
					GrantedAuthority authority = new SimpleGrantedAuthority(roleName);
					
					authorities.add(authority);
				}
				//设置用户oauth通过token访问的权限
				authorities.add(DEFAULT_USER_ROLE);
				authorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + "UNITY"));
				authorities.add(new SimpleGrantedAuthority(ROLE_PREFIX + "MOBILE"));
				msUserDetails.setAuthorities(authorities);
				msUserDetails.setAuthorities(authorities);
			}
			else{
				user = msCmsUserRepository.findByUserName(username,XaConstant.UserStatus.status_normal);

				List<String> rList = msCmsResourceRepository
						.findRoleNameByUserName(username);
				msUserDetails.setUsername(user.getUserName());
				msUserDetails.setPassword(user.getPassword());
				List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
				for (String roleName : rList) {
					GrantedAuthority authority = new SimpleGrantedAuthority(roleName);
					authorities.add(authority);
				}
				msUserDetails.setAuthorities(authorities);
			}
		} catch (Exception e) {
			e.printStackTrace();
		}
		return msUserDetails;
	}
}
